Corporate Software Inspector 2018 R1 (Cloud Edition)

Release Notes

March 2018

Introduction

Flexera’s Corporate Software Inspector is a Vulnerability and Patch Management Software Solution that completes and targets the Patch Management process. It combines Vulnerability Intelligence, Vulnerability Scanning, and Patch Creation with Patch Deployment Tool Integration to enable targeted, reliable, and cost-efficient Patch Management.

Vulnerability and Patch Management are critical components of any security infrastructure because it enables proactive detection and remediation of vulnerabilities before they are actively exploited and your security compromised. With Corporate Software Inspector, IT Operations and Security Teams are empowered to take control of the Vulnerability Threat from both Microsoft and non-Microsoft (third-party) product vulnerabilities, covering Microsoft Windows, Mac OSX, and Red Hat Enterprise Linux.

Corporate Software Inspector scanning technology takes a different approach than other vulnerability scanning solutions by conducting non-intrusive scans to accurately identify all installed products and plugins on the system.

Corporate Software Inspector integrates seamlessly with Microsoft® WSUS and System Center Configuration Manager.

New Features and Enhancements

Corporate Software Inspector 2018 R1 (Cloud Edition) includes the following new features and enhancements:

Display all advisories affecting a product
Removed zero count installations path from Flexera’s Software Package System (SPS) wizard
Prevent excessive polling for status by agent
Integrated online help for Corporate Software Inspector

Note • To see the following new features and enhancements in your Corporate Software Inspector interface, you must refresh the cache in your browser. You can use the shortcut key CTRL+R.

Display all advisories affecting a product

A new Advisory tab has been added to the detailed pop-up screens. This tab lists all current and past advisories that affect a product. Note that these listed advisories could be related to different platforms (CSIL-8381).

Removed zero count installations path from Flexera’s Software Package System (SPS) wizard

In Step 3 of the SPS installation, paths with zero counts are included by default. These paths represent scan data from hosts that are no longer active. Going forward, such zero count paths will not be included. Users will have to explicitly include them in the package (CSIL-8420).

Prevent excessive polling for status by agent

To prevent the Corporate Software Inspector Agent from flooding the server with requests for scan status every second, new polling logic has been implemented. This new polling logic helps increase the scalability of the web server to support more agents (CSIL-8506).

Integrated online help for Corporate Software Inspector

After logging on to Corporate Software Inspector, users can press F1 to connect to the relevant online help page from http://helpnet.flexerasoftware.com/csi/Default.htm (CSIL-8469).

Resolved Issues

Corporate Software Inspector 2018 R1 (Cloud Edition) has resolved the following issues:

Detection of Microsoft products in host with language packs
Exported CSV files from the Database console match user interface field names and data
Using “not in” criteria when viewing or editing Smart Group criteria for Operating System
Fixed SCCM plug-in to send Knowledge Base numbers
Renamed Zero-Day Advisory Filters
Available page shows only 25 packages when more packages are available
Turn on Zero-Day module by default for cloud customers
Updated Online Help section: Install the Mac Agent

Detection of Microsoft products in host with language packs

Corporate Software Inspector was not detecting a few Microsoft products like IIS when they scanned hosts with language packs and were installed in their default windows system directory. This was because on such machines the window api reported filenames with a .exe.mui extension instead of just .exe. This issue has been fixed (CSIL-8210).

Note • This fix might lead to the detection of more Microsoft products, and users might see an increase in the installed counts on their Corporate Software Inspector Dashboard.

Exported CSV files from the Database console match user interface field names and data

In the Database console, there was an issue in the exported custom selection of columns as csv. This issue has been fixed (CSIL-8440).

Using “not in” criteria when viewing or editing Smart Group criteria for Operating System

The issue of incorrect host counts when using the “Operating System -> not in” criteria for Host smart groups has been fixed.

Note • For Linux platforms, "Linux Kernel" and "Red Hat Enterprise Linux Server" are both considered operating systems. To obtain accurate smart group host counts, you only need to select one of the Linux operating systems (CSIL-8458).

Fixed SCCM plug-in to send Knowledge Base numbers

Fixed issues related to SCCM plug-in not reporting Microsoft KBs. This fix requires users to update the SCCM plug-in, which can be downloaded at https://secuniaresearch.flexerasoftware.com/support/download/ (CSIL-8498).

Renamed Zero-Day Advisory Filters

Under Results > Advisory Smart Groups > Overview and Configuration the Zero-Day Advisory filters:

"Currently Affecting You" was renamed "Advisories that Affected You"
"Historic List of Zero-Day Advisories" was renamed "All Advisories"

For further details, see http://helpnet.flexerasoftware.com/csi/Default.htm#helplibrary/Overview_and_Configuration_2.htm (CSIL-8484).

Available page shows only 25 packages when more packages are available

WSUS/System Center was incorrectly reporting the number of available packages. This issue has been fixed (CSIL-8454).

Turn on Zero-Day module by default for cloud customers

The Zero-Day module feature was not available to new clients by default. Support needed to create a devops ticket to turn ON this feature for existing customers. This issue has been fixed (CSIL-8480).

Updated Online Help section: Install the Mac Agent

Previously, documentation suggested giving higher privileges to csia.exe than required. It is highly recommended that this be changed by executing commandchmod +x csia”.This change will prevent “csia” from having more privileges than it needs.

The updated help section can be found here: http://helpnet.flexerasoftware.com/csi/Default.htm#helplibrary/Install_the_Mac_Agent.htm (CSIL-8545).

System Requirements

To use the Corporate Software Inspector console, your system should meet the following requirements:

Minimum resolution: 1024x768
Internet Explorer 11 or higher (Scan results can also be viewed from other browsers)
Internet connection capable of connecting to https://csi7.secunia.com
The following addresses should be white-listed in the Firewall/Proxy configuration:
crl.verisign.net
crl.thawte.com
http://*.ws.symantec.com
https://*.secunia.com/
First-Party cookie settings at least to Prompt (in Internet Explorer)
Allow session cookies
A PDF reader

Legal Information

Copyright Notice

Copyright © 2018 Flexera.

This publication contains proprietary and confidential information and creative works owned by Flexera and its licensors, if any. Any use, copying, publication, distribution, display, modification, or transmission of such publication in whole or in part in any form or by any means without the prior express written permission of Flexera is strictly prohibited. Except where expressly provided by Flexera in writing, possession of this publication shall not be construed to confer any license or rights under any Flexera intellectual property rights, whether by estoppel, implication, or otherwise.

All copies of the technology and related information, if allowed by Flexera, must display this notice of copyright and ownership in full.

Intellectual Property

For a list of trademarks and patents that are owned by Flexera, see https://www.flexera.com/producer/company/about/intellectual-property/. All other brand and product names mentioned in Flexera products, product documentation, and marketing materials are the trademarks and registered trademarks of their respective owners.

Restricted Rights Legend

The Software is commercial computer software. If the user or licensee of the Software is an agency, department, or other entity of the United States Government, the use, duplication, reproduction, release, modification, disclosure, or transfer of the Software, or any related documentation of any kind, including technical data and manuals, is restricted by a license agreement or by the terms of this Agreement in accordance with Federal Acquisition Regulation 12.212 for civilian purposes and Defense Federal Acquisition Regulation Supplement 227.7202 for military purposes. The Software was developed fully at private expense. All other use is prohibited.

Disclaimer

Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. The provision of such information does not represent any commitment on the part of Flexera. Flexera makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. Flexera shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

The software described in this document is furnished by Flexera under a license agreement. The software may be used only in accordance with the terms of that license agreement. It is against the law to copy or use the software, except as specifically allowed in the license agreement. No part of this document may be reproduced or retransmitted in any form or by any means, whether electronically or mechanically, including, but not limited to: photocopying, recording, or information recording and retrieval systems, for any purpose other than the purchaser’s personal use, without the express, prior, written permission of Flexera.